Suspended Sentence for German DDoS Attacker ZZb00t

  • Katrin Graewe
  • February 2, 2018


Suspended Sentence for German DDoS Attacker ZZb00t

Using the pseudonym ZZb00t, the hacker Maik D. attacked numerous companies in Germany and the UK from the end of April to the end of May 2017. The criminal court at Bielefeld has now sentenced him to one year and ten months of probation. The Link11 Insights Report on the DDoS attacks by ZZb00t describes his modus operandi.

Almost a year after the self-styled “gray hat” ZZb00t first launched DDoS attacks on predominantly German and British companies, the lone perpetrator has been sentenced before the criminal court in Bielefeld. The court imposed a suspended sentence of one year and ten months against the IT specialist from Voerde at Lower Rhine, the German eCommerce blog reported.

Far-reaching DDoS attacks against numerous large companies

The German citizen had attacked renowned large international organizations with DDoS attacks over a period of four weeks. International logistics providers, the marketplace eBay as well as numerous online shops and IT service providers were counted among his victims. In some cases, the downtimes extended over hours and disclosed critical interfaces. The business customer portals at several logistics providers, by means of which online retailers issue orders and can print shipping labels, collapsed. So far the companies attacked have not, however, demanded any compensation, according to

Twitter: Announced attacks and criticism of IT security

The “former IT Security Consultant” commented on his attacks using the Twitter handle @ZZb00t. He documents the attack preparations and downtimes in more than 300 tweets. Furthermore, he also explained the motives for his actions to his wide audience: criticism of the IT security strategies of companies and the lack of an awareness for their responsibility vis-à-vis customers. This did not stop him from demanding bitcoin from individual companies to get him to stop the attacks.

Most of the companies attacked had several hours to prepare for the attacks. Nonetheless, as a rule they were severely impacted due to the technically sound and stubborn attacks. In its Link11 Insights Report on ZZb00t, the Link11 Security Operation Center analyzed the weak points that were attacked and the DDoS tools used. In addition, the report traces the chronological sequence of this unparalleled wave of DDoS attacks and extortion, which only ended with the arrest of the perpetrator on May 23, 2017.

Additional DDoS attackers before the courts

ZZb00t is already the second big DDoS criminal to be made accountable before a German court within 12 months. In July 2017 the Regional Court of Cologne also imposed a suspended sentence against a hacker. Born in London, Daniel K. had tried to infect millions of telecommunication routers in Germany and the United Kingdom for his Mirai botnet at the end of November 2016. In January 2017 he blackmailed the British Lloyds Bank with DDoS attacks. In February 2017 German and British agents were able to arrest him at the airport in London.

Detailed analyses and background information from Link11 on ZZb00t, one of the most dangerous DDoS attackers in Germany. Now as a download!

The Biggest DDoS Attacks of the Past 12 Months (Infographic)
Infographic: 9 Trends Indicating that Cybercrime will Increase
This site is registered on as a development site.